search

InQuest / ThreatIngestor

Extract and aggregate threat intelligence.
https://inquest.readthedocs.io/projects/threatingestor/
GNU General Public License v2.0
821 stars 135 forks source link

Add a whitelist... #86

Closed mathurin68 closed 4 years ago

mathurin68 commented 4 years ago

This is great!

Every now and then we get a domain from twitter that isn't malicious and blows up our security tools, is there a place to add a whitelist?

Something like this(first 20K or something) http://s3.amazonaws.com/alexa-static/top-1m.csv.zip

Thanks!

ninoseki commented 4 years ago

@cmmorrow I think adding misp-warninglists compatible white listing feature would be useful. I will make a PR if it makes sense.

cmmorrow commented 4 years ago

Hello @ninoseki, yes I think this makes sense and feel free to work on it if you have the time.

cmmorrow commented 4 years ago

Hello @mathurin68, the MISP whitelist is included in release 1.0.0b8. I'll go ahead and close this issue.